package com.jrh.web.admin;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.jrh.common.encrypt.CreateMD5;
import com.jrh.dal.ResourceDao;
import com.jrh.domain.entity.Resource;
import com.jrh.web.admin.form.AdminLoginForm;
import com.jrh.web.extend.session.SessionUtil;
import com.jrh.web.model.JrhWebConstant;

/**
 * 后台用户登录
 * 
 * @author jasen.hsu.cn@gmail.com 2012-7-16 下午5:16:54
 */
@Controller
@RequestMapping("/admin")
public class AdminController {

    @Autowired
    private ResourceDao resourceDao;

    public String index(HttpServletRequest request) {
        if (AdminUserUtil.isLogon(request)) {
            return "redirect:/admin/manager";
        }
        return "redirect:/admin/login";
    }

    @RequestMapping(method = RequestMethod.GET, value = "/login")
    public String login(@ModelAttribute("loginForm") AdminLoginForm loginForm, ModelMap map, HttpServletRequest request) {
        if (AdminUserUtil.isLogon(request)) {
            return "redirect:/admin/manager";
        }
        return "admin/login";
    }

    /**
     * 后台登陆
     */
    @RequestMapping(method = RequestMethod.POST, value = "/login")
    public String doLogin(@ModelAttribute("loginForm") AdminLoginForm loginForm, HttpServletRequest request, Model model) {// @ModelAttribute("pcode")
                                                                                                                           // String
                                                                                                                           // pcode,ModelMap
                                                                                                                           // map,
        if (loginForm == null) {
            return "redirect:/admin/login";
        }
        // // 验证码
        // if (!validPcCode(pcode, request)) {
        // map.put("pcodeError", "验证码错误");
        // return "admin/login";
        // }
        String username = loginForm.getUsername();
        String password = loginForm.getPassword();
        Resource resource = resourceDao.loadByKeyAndGroup(username, Resource.GROUP_ADMIN_ACCOUNT);
        if (resource == null || StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            model.addAttribute("USERNAME_PASSWORD_ERROR", "Y");
            return "admin/login";
        }

        // 密码是否正确
        if (CreateMD5.createMD5(password).equals(resource.getRvalue())) {
            AdminUserUtil.storeUserSession(request, username);
            return "redirect:/admin/manager";
        }
        model.addAttribute("USERNAME_PASSWORD_ERROR", "Y");
        return "admin/login";
    }

    /**
     * 管理页面
     * 
     * @param request
     * @return
     */
    @RequestMapping(method = RequestMethod.GET, value = "/logout")
    public String logout(HttpServletRequest request) {
        AdminUserUtil.clearUserSession(request);
        return "redirect:/admin/login";
    }

    /**
     * 管理页面
     * 
     * @param request
     * @return
     */
    @RequestMapping(method = RequestMethod.GET, value = "/manager")
    public String manager(HttpServletRequest request) {
        return "admin/manager";
    }

    private boolean validPcCode(String pcCode, HttpServletRequest request) {
        String pcodeFromSession = SessionUtil.getSession(request, JrhWebConstant.SESSION_PCODE_KEY, String.class);
        if (StringUtils.isBlank(pcCode) || StringUtils.isBlank(pcodeFromSession)) {
            return false;
        }
        if (pcCode.equalsIgnoreCase(pcodeFromSession)) {
            return true;
        }
        return false;
    }
}
